Real-time MySQL audit tool by DataSunrise continuously analyzes incoming traffic according to the White List of SQL queries set by an administrator as safe ones. Database activity tracking ability blocks any attacks on MySQL, prevents unauthorized access and guarantees effective data protection. Nonstop monitoring is a part of any investigation process as well.
DataSunrise Data Audit for MySQL database enables real-time tracking of changes with data, database structure and user actions. Audit records include database operations performed, who performed the operation and when, as well as all the attributes of the operation.
Accurate logging ensures that DataSunrise captures database activity and user behavior in detail. Log information is used for continuous monitoring of activities and prevention of attacks, data leaks, attempts of access rights abuse, etc. Later on the gathered information is used for analysis, investigation of data security incidents and detecting suspicious traits that could signal about potential data breach preparation.
Relational database platforms feature native audit capability, which is not often used by DBAs due to creating performance and data management issues. Unlike native audit DataSunrise Data Audit allows to monitor database activity without any impact on database or applications and thus doesn't create any performance or scalability issues.
DataSunrise supports Syslog – the most widely used protocol for message logging. This enables to integrate the firewall with Security Information and Event Management (SIEM) solutions and enhance security analytics capabilities of a used SIEM solution. Integrated with SIEM system Datasunrise helps to achieve full visibility of database transactions and user activity. More detailed information on monitoring feature is available here.
DataSunrise Data Audit retrieves and logs the following data:
- SQL query code;
- Session duration;
- Number of rows affected by query, and query results;
- Database errors;
- Database user information (user name, host name);
- Information on client application used to query database (application name, host name).
MySQL audit solution by DataSunrise can be configured to save auditing results in the integrated SQLite database, stand-alone PostgreSQL, Amazon Aurora, Amazon Redshift or MySQL database; or it can export event logs to external SIEM system.